A. A common resolution to this problem is to disable NTLM and use Basic only; however, the actual problem is related to kernel authentication in Microsoft IIS 7. Although a fix is expected in Rollup 5 for Exchange Server 2007 SP1 a workaround is available that disables the use of kernel mode authentication. To disable it, run the following command on your Client Access (CAS) servers.
%Windows%\inetsrv\appcmd.exe set config /section:system.webServer/security/authentication/windowsAuthentication /useKernelMode:false
To check the current authentication setting on the CAS use the following command:
%windir%\system32\inetsrv\appcmd.exe list config /section:system.webServer/security/authentication/windowsAuthentication
Q. Why am I receiving logon prompts from Outlook Anywhere clients when I have IIAuth set to Basic and NTLM?
1 comment
Hide comments